Internet Explorer 6 has outlived its "good-before"-date for years now and both Web-programmers (living hell to support) and Microsoft (a security-nightmare for them) were keen to put a stake through its heart for the last years.

It finally seem to have worked: Austria is now at < 1% IE6 according ...

It's not an everyday occurrence that an Austrian Company finds an important security issue. If they then follow responsible disclosure towards the vendor and also inform the local CERT, that's something that should be openly acknowledged.

Thus: A round of applause from CERT.at goes to Johannes Greil ...

This week, Comcast announced that they will enable DNSSEC validation on their production resolvers. One thing one might want to keep in mind if you do that:

People make mistakes. Some domain owners will break their DNSSEC signatures. We've seen a good number of these in 1010, including TLDs like ...

Tiny report of a yet another current fake AV infection which is being spammed out via Email. Warning: do not try to reproduce these results on a Windows PC unless you know what you are doing. As of the time of this writing, the URLs mentioned in this report are live and contain malware. Background Today the following Email (with attached Javascript file) caught my attention:

McAfee published the 2010 "Mapping the Malware Web" report. The explanations and trends in there are worth looking at. More importantly, for us as the CERT, this report is one of the few independent studies which provides us with real numbers on the state of the IT Security game in Austria.

.at is ...